protected virtual async Task <bool> Pay(BuyProductReq buyProductReq, string userName)
{
double accountBalance = _transactionDAO.GetAccountbalance(userName);
double ammountToPay = buyProductReq.Price * buyProductReq.Quantity;
TimeSpan sleepFor = SIMULTANEOUS_REQUESTS_WAIT_FOR;
if (sleepFor.TotalMilliseconds > 0)
{
await Task.Delay(sleepFor);
}
if (accountBalance < ammountToPay)
{
return(false);
}
DepositRequest depositRequest = new DepositRequest
{
Amount = buyProductReq.Price * buyProductReq.Quantity,
Reason = TRANSACTION_REASON,
ReceiverId = TRANSACTION_RECIVER_ID,
SenderId = userName
};
bool payResult = _transactionDAO.Pay(depositRequest);
return(payResult);
}
public virtual async Task <bool> BuyProduct(BuyProductReq buyProductReq, string userName)
{
bool payResult = await Pay(buyProductReq, userName);
if (!payResult)
{
return(false);
}
// buy product id gets validated int the overwritten Pay method
List <PurchaseItemReq> purchaseItems = new List <PurchaseItemReq>
{
new PurchaseItemReq
{
Price = buyProductReq.Price,
Username = userName,
StoreItemId = buyProductReq.Id,
Quantity = buyProductReq.Quantity,
}
};
EmptyResult checkoutResult = await _storeAPICalls.CheckoutBasketAsync(purchaseItems);
if (checkoutResult == null)
{
return(false);
}
return(true);
}
public async override Task <bool> BuyProduct(BuyProductReq buyProductReq, string userName)
{
List <StoreItem> storeItems = await _storeAPICalls.GetStoreItemsAsync();
if (storeItems == null)
{
return(await base.BuyProduct(buyProductReq, userName));
}
CtfChallangeModel invalidModelChallange = _ctfOptions.CtfChallanges
.Where(x => x.Type == CtfChallengeTypes.InvalidModel)
.Single();
StoreItem storeItem = storeItems
.Where(x => x.Id == buyProductReq.Id)
.SingleOrDefault();
if (storeItem == null)
{
_httpContextAccessor.HttpContext.Response.Headers.Add(invalidModelChallange.FlagKey, invalidModelChallange.Flag);
}
else
{
if (storeItem.Price != buyProductReq.Price)
{
_httpContextAccessor.HttpContext.Response.Headers.Add(invalidModelChallange.FlagKey, invalidModelChallange.Flag);
}
}
return(await base.BuyProduct(buyProductReq, userName));
}
public async Task <IActionResult> BuyProduct([FromBody] BuyProductReq buyProductReq)
{
if (!ModelState.IsValid)
{
return(BadRequest());
}
bool result = await _storeBL.BuyProduct(buyProductReq, HttpContext.GetUserName());
if (!result)
{
return(BadRequest());
}
return(Ok(new EmptyResult()));
}
public virtual async Task <bool> BuyProduct(BuyProductReq buyProductReq, string userName)
{
double accountBalance = _transactionDAO.GetAccountbalance(userName);
if (accountBalance < buyProductReq.Price)
{
return(false);
}
DepositRequest depositRequest = new DepositRequest
{
Amount = buyProductReq.Price,
Reason = TRANSACTION_REASON,
ReceiverId = TRANSACTION_RECIVER_ID,
SenderId = userName
};
bool payResult = _transactionDAO.Pay(depositRequest);
if (!payResult)
{
return(false);
}
List <PurchaseItemReq> purchaseItems = new List <PurchaseItemReq>
{
new PurchaseItemReq
{
Price = buyProductReq.Price,
Username = userName,
StoreItemId = buyProductReq.Id,
Quantity = buyProductReq.Quantity,
}
};
EmptyResult checkoutResult = await _storeAPICalls.CheckoutBasketAsync(purchaseItems);
if (checkoutResult == null)
{
return(false);
}
return(true);
}
public async override Task <bool> BuyProduct(BuyProductReq buyProductReq, string userName)
{
string cacheKey = string.Format(SIMULTANEOUS_REQUESTS_KEY, userName, buyProductReq.Id);
if (_memoryCache.TryGetValue(cacheKey, out string value))
{
if (!_ctfOptions.CtfChallengeOptions.SimultaneousRequest)
{
return(false);
}
}
_memoryCache.Set(cacheKey, string.Empty, LOCK_BUY_REQUEST_FOR);
bool result = await base.BuyProduct(buyProductReq, userName);
if (_ctfOptions.CtfChallengeOptions.InvalidModelStore)
{
List <StoreItem> storeItems = await _storeAPICalls.GetStoreItemsAsync();
if (storeItems != null)
{
CtfChallangeModel invalidModelChallange = _ctfOptions.CtfChallanges
.Where(x => x.Type == CtfChallengeTypes.InvalidStoreModel)
.Single();
StoreItem storeItem = storeItems
.Where(x => x.Id == buyProductReq.Id)
.SingleOrDefault();
if (storeItem != null)
{
if (storeItem.Price != buyProductReq.Price)
{
_httpContextAccessor.HttpContext.Response.Headers.Add(invalidModelChallange.FlagKey, invalidModelChallange.Flag);
}
}
}
}
_memoryCache.Remove(cacheKey);
return(result);
}
protected override async Task <bool> Pay(BuyProductReq buyProductReq, string userName)
{
double accountBalance = _transactionDAO.GetAccountbalance(userName);
Stopwatch stopwatch = new Stopwatch();
stopwatch.Start();
double ammountToPay;
ammountToPay = buyProductReq.Price * buyProductReq.Quantity;
List <StoreItem> storeItems = await _storeAPICalls.GetStoreItemsAsync();
if (storeItems == null)
{
return(false);
}
StoreItem storeItem = storeItems
.Where(x => x.Id == buyProductReq.Id)
.SingleOrDefault();
if (storeItem == null)
{
return(false);
}
if (_ctfOptions.CtfChallengeOptions.InvalidModelStore)
{
if (storeItem.Price != buyProductReq.Price)
{
CtfChallangeModel invalidStoreModelRequest = _ctfOptions.CtfChallanges
.Where(x => x.Type == CtfChallengeTypes.InvalidStoreModel)
.SingleOrDefault();
_httpContextAccessor.HttpContext.Response.Headers.Add(invalidStoreModelRequest.FlagKey, invalidStoreModelRequest.Flag);
}
}
else
{
ammountToPay = storeItem.Price * buyProductReq.Quantity;
}
stopwatch.Stop();
TimeSpan sleepFor = SIMULTANEOUS_REQUESTS_WAIT_FOR - stopwatch.Elapsed;
if (sleepFor.TotalMilliseconds > 0)
{
await Task.Delay(sleepFor);
}
if (accountBalance < ammountToPay)
{
return(false);
}
double accountBalanceAfterWait = _transactionDAO.GetAccountbalance(userName);
if (accountBalanceAfterWait < ammountToPay)
{
if (_ctfOptions.CtfChallengeOptions.SimultaneousRequest)
{
CtfChallangeModel simultaneousRequest = _ctfOptions.CtfChallanges
.Where(x => x.Type == CtfChallengeTypes.SimultaneousRequest)
.SingleOrDefault();
_httpContextAccessor.HttpContext.Response.Headers.Add(simultaneousRequest.FlagKey, simultaneousRequest.Flag);
}
}
DepositRequest depositRequest = new DepositRequest
{
Amount = ammountToPay,
Reason = TRANSACTION_REASON,
ReceiverId = TRANSACTION_RECIVER_ID,
SenderId = userName
};
return(_transactionDAO.Pay(depositRequest));
}
